ThabetAmer/create-s3-bucket.sh

## create-s3-bucket.sh
AWS_BUCKET="xyz"
AWS_REGION="eu-central-1"
AWS_ID="11111111111"
AWS_USER="s3-user"

# TODO: review access
cat > policy.json << EOL
{
    "Version": "2012-10-17",
    "Id": "Policy1554206237047",
    "Statement": [
        {
            "Sid": "Stmt1554206230901",
            "Effect": "Allow",
            "Principal": {
                "AWS": [
                    "arn:aws:iam::${AWS_ID}:user/${AWS_USER}",
                    "arn:aws:iam::${AWS_ID}:root"
                ]
            },
            "Action": [
                "s3:GetObject",
                "s3:GetObjectAcl",
                "s3:ListBucket",
                "s3:PutObject"
            ],
            "Resource": [
                "arn:aws:s3:::${AWS_BUCKET}",
                "arn:aws:s3:::${AWS_BUCKET}/*"
            ]
        }
    ]
}
EOL

aws s3api create-bucket --bucket $AWS_BUCKET --region $AWS_REGION --acl private --create-bucket-configuration LocationConstraint=$AWS_REGION
aws s3api put-bucket-policy --bucket $AWS_BUCKET --policy file://policy.json
rm -f policy.json
	AWS_BUCKET="xyz"
	AWS_REGION="eu-central-1"
	AWS_ID="11111111111"
	AWS_USER="s3-user"

	# TODO: review access
	cat > policy.json << EOL
	{
	"Version": "2012-10-17",
	"Id": "Policy1554206237047",
	"Statement": [
	{
	"Sid": "Stmt1554206230901",
	"Effect": "Allow",
	"Principal": {
	"AWS": [
	"arn:aws:iam::${AWS_ID}:user/${AWS_USER}",
	"arn:aws:iam::${AWS_ID}:root"
	]
	},
	"Action": [
	"s3:GetObject",
	"s3:GetObjectAcl",
	"s3:ListBucket",
	"s3:PutObject"
	],
	"Resource": [
	"arn:aws:s3:::${AWS_BUCKET}",
	"arn:aws:s3:::${AWS_BUCKET}/*"
	]
	}
	]
	}
	EOL

	aws s3api create-bucket --bucket $AWS_BUCKET --region $AWS_REGION --acl private --create-bucket-configuration LocationConstraint=$AWS_REGION
	aws s3api put-bucket-policy --bucket $AWS_BUCKET --policy file://policy.json
	rm -f policy.json